Finding and Fixing Bottlenecks in Microservice Architecture

According to a study by DZone, 93% of organizations use or plan to use a microservice architecture in their applications. In 2021, there were 74% of them. This suggests the conclusion that the study of microservice architecture is promising. We want to show you what approach QA specialists should take when checking for compliance with the requirements of such applications. Let's explore it together!

1. What is microservice architecture?

Applications must be flexible, scalable and easily maintainable. In this context, microservice infrastructure has become one of the most popular approaches to application architecture.

Microservice infrastructure is a style based on building applications as a collection of small, self-contained services. Each service is a separately deployable and scalable unit that performs specific functions. Services usually communicate with each other through lightweight protocols, such as HTTP or messages.

Main Feature of microservice infrastructure lies in its decomposition of complex applications into small and easily manageable parts. This allows development teams to work independently on each service, use different technologies and tools, and scale each service individually to suit its needs.

The relevance of microservice architecture is confirmed by modern trends:

1. Growing volume and complexity of applications.
2. The need for fast delivery of functionality.
3. Scalability and fault tolerance.
4. Flexibility and independence.
5. Easy team scalability.

2. Sample application with microservice architecture

An online store that uses a microservice architecture. We can divide it into several microservices, each of which performs certain functions. Let's look at the main services in this architecture and their features:

1. Product catalog service: Manages product information, descriptions, pricing and availability. It provides an API for getting product information and updating the catalog.

2. Order service: Processing and managing orders from customers. It receives requests to create new orders, checks for items in the catalog, and interacts with the payment service to complete the purchase.

3. Authentication and authorization service: User authentication and access to store functionality. It stores information about users, handles login and logout requests, and manages access rights to various features.

4. Recommendation service: Providing personalized recommendations to users based on their preferences and purchase history. It analyzes data about purchases and user interaction with the store in order to offer them the most relevant products.

3. Microservice architecture: what to test?

The basic approach to testing a microservice architecture includes several aspects that allow you to ensure the reliability and quality of each service, as well as the interaction between them. Here are the main steps in testing a microservice architecture:

Unit testing: Unit testing checks individual components, functions, and classes to make sure they work correctly. Unit tests allow you to check the logic of the service and detect possible errors and defects.

Integration testing: APIs, interaction protocols and data transfer between services are tested. The goal of integration testing is to detect potential interoperability issues and ensure that data is passed correctly between services.

Fault tolerance testing: The microservice architecture assumes that each service can operate independently and survive failures of other services. Therefore, fault tolerance testing is important for detecting problems and verifying the behavior of the system in the face of failures or unavailability of services. This may include failure simulation, scaling, and switching between standby service instances.

Performance testing: Performance testing allows you to evaluate how each service handles the load and how the system as a whole is handling performance requirements. This may include testing the response time, throughput, and scalability of each service. Performance testing helps identify bottlenecks and optimize system performance.

Security testing: Security testing includes vulnerability testing, authentication, authorization, and data encryption. Each service should be tested for possible vulnerabilities such as injections, information leakage or insufficient access controls. It is also important to check how secure communication between services is ensured and data is protected in transit and at rest.

Monitoring and logging testing: Monitoring testing includes verifying that metrics and logs are correctly collected and displayed and analyzed correctly. It is also important to check that service logging allows you to track and analyze events and errors in the system.

Migration and Deployment Testing: Migration and deployment testing verifies that updates and changes to the system are safe and do not result in functionality or performance issues. This may include automated integration tests and validation of configuration and service dependencies on upgrade.

The combination of these methods and testing approaches allows you to ensure high quality, reliability and performance of the microservice architecture. It allows you to detect and fix problems in each individual service, as well as verify and confirm the correct interaction between services.

4. Microservice architecture: how to test?

Test planning and design:

1. Define the goals and requirements of testing. Understand which functional and non-functional requirements need to be tested.
2. Create a test plan that includes a description of the features to be tested, acceptance criteria, and a test schedule.
3. Develop a set of test cases that cover different use cases and aspects of the functionality of each service.

Unit testing:

1. Write unit tests for each individual service. Focus on checking the correctness of the logic and functionality of the service.
2. Check the main methods, functions and classes, as well as exception and error handling.
3. Use unit testing frameworks such as JUnit to create and execute test cases.

Integration testing:

1. Perform integration testing to verify the interaction between services.
2. Check that data is being passed and that requests and responses are processed correctly between services.
3. Use tools to automate API testing and endpoint validation such as Postman or RestAssured.

Failover and recovery testing:

1. Simulate the failure of one or more services and check how the system behaves in such situations.
2. Make sure that service instances are activated and keep the system up and running.
3. Use tools to automate failover and recovery testing, such as Docker or Kubernetes, to create containers and manage your deployment.

Performance testing:

1. Measure the performance of each service under various workloads such as requests per second or concurrent requests.
2. Evaluate the response time, throughput, and scalability of each service under different workloads.
3. Use load generation tools such as Apache JMeter or Gatling to create a realistic load on services.
4. Monitor performance with monitoring tools like Prometheus or Grafana to get insights into response time, resource usage and other performance metrics.
5. Analyze performance test results and optimize services or infrastructure as needed.

Security testing:

1. Conduct security testing to discover potential vulnerabilities in each service.
2. Check that the authentication and authorization mechanisms are implemented correctly.
3. Conduct penetration tests that check the system for vulnerabilities such as injections, authentication flaws, and information leaks.
4. Use security testing tools such as OWASP ZAP or Burp Suite to automate and run these tests.

Monitoring and logging testing:

1. Check that monitoring and logging are properly configured and collect the necessary information.
2. Create test scripts to ensure that monitoring metrics and logs are displayed and analyzed correctly.
3. Check that the logs contain sufficient information for debugging and identifying problems.

Migration and Deployment Testing:

1. Check that updates and changes to the system are carried out safely and do not lead to impaired functionality or performance.
2. Run deployment and migration tests to ensure services are successfully deployed and configured in new environments.
3. Use automated deployment tools and configuration management tools such as Ansible or Kubernetes to simplify and standardize the deployment process.

5. Microservice Architecture: Test Case

Company Cherish DEV has experience of working with 5+ carsharing companies. Therefore, now we will share an example of testing a microservice application for renting a car.

Test planning and design:

Definition of testing goals: Test the functionality, performance and security of the car rental app.

Create a test plan: Determination of the main functional requirements, acceptance criteria and testing schedule.

Test case development: Create test cases to test features such as user registration, search for available vehicles, booking, payment, and order cancellation.

Test case example:

Test case: Search for available cars

Steps:

1. Launch the application and log in using valid user credentials.
2. Go to the car search page.
3. Enter the dates and location of the rental (for example, "June 15 to June 20 in New York City").
4. Press the "Search" button.
5. Check that a list of available cars is displayed that matches the search parameters.
6. Check that each car contains information about the model, price, availability and additional options such as GPS or child seat.
7. Select one of the available vehicles by clicking on the "Select" button.
8. Check that the information about the selected vehicle is displayed correctly on the order page.

Unit testing:

Writing unit tests for each application service, such as car search service, booking service, and payment service.

Checking that each service handles requests correctly, validates data, and returns expected results.\

Test case example:

Test case: Search for available cars (unit test)

Steps:

1. Create a fake car search service with given data about available cars.
2. Call the car search method with the given parameters (for example, dates and place of rental).
3. Check that the returned result matches the expected list of cars.

Failover and recovery testing:

Simulation of the failure of one of the services, for example, the booking service.

Steps:

1. Stop the booking service or create a script that returns an error when a booking is attempted.
2. Check that the system continues to function and displays information to the user about the temporary unavailability of the booking service.
3. Ensure that orders for other available services, such as payment, are processed without problems and the user is given the option to cancel the order or select another vehicle.

Performance testing:

Run load tests to check application performance under various loads.

Steps:

1. Using the load generation tool, set up a script that simulates simultaneous vehicle search and booking requests.
2. Measure system response time and throughput at various request volumes.
3. Ensure that the system processes requests quickly and efficiently without causing delays for users.

Security testing:

Application security check to protect user data and prevent attacks.

Steps:

1. Verify that user data is transmitted over a secure connection (HTTPS).
2. Attempt to hack the system by attempting SQL injection or cross-site scripting.
3. Ensure that the system properly handles such attacks, does not disclose sensitive data, and prevents unauthorized access.

Monitoring and logging testing:

Checking the correct configuration and functioning of monitoring and logging to monitor and analyze the operation of the system.

Steps:

1. Verify that the system collects and stores performance metrics such as response time and resource usage.
2. Verify that the system writes events and errors to logs for further analysis and debugging.
3. Verify that monitoring metrics and logs are displayed correctly and are available for analysis through an appropriate monitoring tool such as Grafana or Kibana.

Migration and Deployment Testing:

Checking the continuity of updates and changes in the system when deploying new versions or upgrading the infrastructure.

Steps:

1. Test deploy a new version of the application using deployment automation tools such as Docker or Kubernetes.
2. Verify that the application is successfully deployed and functioning with the new version.
3. Verify that all dependencies and configurations are properly configured and applied.
4. Verify that the upgrade and deployment process does not break the application and save data.

Conclusion

Microservice architecture allows you to create applications consisting of independent services that can be scaled, deployed and updated independently of each other. Proper testing of a microservice architecture helps identify and fix bottlenecks, improves system reliability and performance, and improves the overall user experience. To achieve this, you need to create a comprehensive test plan that considers various aspects of functionality, performance, security, and deployment.